Dive Deep Into MDR for Endpoint With its ability to conduct threat intel comparisons, attack visualizations, and analysis of forensics data, endpoint detection and response (EDR) has become a mainstay of modern security programs. Yet EDR still doesn’t provide the caliber of highly automated functions necessary to reduce today’s attack
Questions related to how security leaders can create the best threat intelligence programs for their organizations were recently covered in an episode of Cybersecurity America with Josh Nicholson. While there are many questions an organization should address when adopting a threat intelligence program, below are three of the many that
DeepSeas analysts identified an unspecified cyber threat actor conducting post-compromise activities in a company within the Architecture and Engineering industry. The targeted system was a domain controller that did not have an EDR agent installed. The DeepSeas SOC detected the creation of a file on an adjacent system that did
Some security leaders have had SOC alert prioritization decisions made for them. Others are dealing with decisions that were made so long ago, no one remembers how they came to be. While other leaders feel certain in their decisions — e.g. “I measure our reduction in false positives.” — these
In a DeepSeas series titled “Meet Our Deeps,” we introduce you to our cybersecurity experts who are serving in the cyber seas. Today, we introduce you to Ruben Mbon, a Cybersecurity Lead at DeepSeas. Let’s dive in to learn more about his work and career. Q: Hello, Ruben. Please tell
OneNote Files Used for Malware Delivery, Actors Iterate Rapidly A DeepSeas Summary DeepSeas has identified a new technique involving the use of OneNote files in malware delivery, though activity of this nature was observed to have accelerated among cybercriminal groups in December 2022. The use of this new filetype has
Yesterday was the first Patch Tuesday of the year, which some may speculate to be the cause of the FAA System Failure Grounding US Flights. Currently there is no indication of a cyber attack. Summary: On 11 January 2023, reports on social media and news sites began circulating that the
Potential for Russia to respond with cyber-attacks against U.S. organizations, such as financial, oil and gas, or manufacturing. Executive Summary: In Mid-October, Russian President Vladimir Putin announced that the Russian Defense Ministry had almost reached its goal of 300,000 reservists activated to aid in his war effort in Ukraine. Russia
Summary: On 22 December 2022, a potential Remote Code Execution (RCE) vulnerability in Linux Kernel versions 5.15 – 5.18.x / 5.19.x which affects Linux Kernel products with ksmbd enabled. According to Zero Day Initiative, the vulnerability could allow remote attackers to execute arbitrary code on affected installations and authentication is
The new entity’s mission is to create the world’s most in-depth cyber defense services. San Diego, CA and McLean, VA – December 8, 2022 –With the backing of Nautic Partners, Security On-Demand announced today it has acquired Booz Allen Hamilton’s (NYSE: BAH) commercial Managed Threat Services (MTS) business. MTS and
Booz Allen’s Managed Threat Services business and DeepSeas cybersecurity was described to me during a recent chat with Wade Alt, the new Chief Operating Officer of DeepSeas. I learned his perspective on the launch of DeepSeas, what it means for the cybersecurity market, and his career. An interview of Wade
By Chris Esemplare, CEO at DeepSeas In the cybersecurity market, DeepSeas is a new name, but it’s not a startup. Rather, it’s the unification of two mighty forces in cyber defense: Booz Allen Hamilton’s commercial Managed Threat Services business and Security On-Demand. I am excited by the potential of combining
21% of the DeepSeas crew are Veterans or Active Military Reservists. Join our talented crew of cyber experts.
